Probabilistic inference strategy in distributed intrusion detection systems

Authors:
Jianguo Ding;Shihao Xu;Bernd Krämer;Yingcai Bai;Hansheng Chen;Jun Zhang
Affiliations:
Shanghai Jiao Tong University, Shanghai, P.R. China;Shanghai Jiao Tong University, Shanghai, P.R. China;FernUniversität Hagen, Hagen, Germany;Shanghai Jiao Tong University, Shanghai, P.R. China;East-china Institute of Computer Technology, P.R. China;Shanghai Jiao Tong University, Shanghai, P.R. China
Venue:
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
Year:
2004

Citing 16
Cited 0

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Probabilistic reasoning in intelligent systems: networks of plausible inference

Probabilistic reasoning in intelligent systems: networks of plausible inference
Twisted GFSR generators

ACM Transactions on Modeling and Computer Simulation (TOMACS)
Twisted GFSR generators II

ACM Transactions on Modeling and Computer Simulation (TOMACS)
State Transition Analysis: A Rule-Based Intrusion Detection Approach

IEEE Transactions on Software Engineering
Schemes for fault identification in communication networks

IEEE/ACM Transactions on Networking (TON)
A coding approach to event correlation

Proceedings of the fourth international symposium on Integrated network management IV
Causality: models, reasoning, and inference

Causality: models, reasoning, and inference
Probabilistic Networks and Expert Systems

Probabilistic Networks and Expert Systems
Mining intrusion detection alarms for actionable knowledge

Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Detecting Anomalous and Unknown Intrusions Against Programs

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Classification and Computation of Dependencies for Distributed Management

ISCC '00 Proceedings of the Fifth IEEE Symposium on Computers and Communications (ISCC 2000)
Execution monitoring of security-critical programs in distributed systems: a Specification-based approach

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A data mining framework for constructing features and models for intrusion detection systems (computer security, network security)

A data mining framework for constructing features and models for intrusion detection systems (computer security, network security)
Bro: a system for detecting network intruders in real-time

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A semantics for probabilistic quantifier-free first-order languages, with particular application to story understanding

IJCAI'89 Proceedings of the 11th international joint conference on Artificial intelligence - Volume 2

Quantified Score

Hi-index	0.00

Visualization

Abstract

The level of seriousness and sophistication of recent cyber-attacks has risen dramatically over the past decade. This brings great challenges for network protection and the automatic security management. Quick and exact localization of intruder by an efficient intrusion detection system (IDS) will be great helpful to network manager. In this paper, Bayesian networks (BNs) are proposed to model the distributed intrusion detection based on the characteristic of intruders' behaviors. An inference strategy based on BNs are developed, which can be used to track the strongest causes (attack source) and trace the strongest dependency routes among the behavior sequences of intruders. This proposed algorithm can be the foundation for further intelligent decision in distributed intrusion detection.